U.S. government under global cyber attack

The U.S. Department of Energy and several other federal agencies were attacked in a global hacking campaign that exploited a vulnerability in widely used file transfer software, Reuters reported on June 15.

Large organizations, including the U.K. telecommunications regulator, British Airways, the BBC and drugstore chain Boots, were also victims last week.

The U.S. Department of Energy said in a statement that data from two entities within the energy sector was compromised when hackers gained access through a security flaw in MOVEit Transfer.

MOVEit Transfer is a popular tool used by organizations to share sensitive information with partners or customers.

Customers of banks, for example, can use MOVEit Transfer to upload financial data about their loan applications, said John Hammond, a security researcher at Huntress.

The entities are U.S. Department of Energy contractor Oak Ridge Union University and the Waste Isolation Pilot Plant, a facility in New Mexico that handles defense-related nuclear waste, a U.S. Department of Energy official said.

Three organizations - British energy giant Shell, the University System of Georgia, Johns Hopkins University and Johns Hopkins Health System - all said in their respective statements that they were similarly hit by the cyberattack. Johns Hopkins Health System is a nonprofit organization that operates six hospitals and primary care centers in partnership with the university.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said it is helping several federal agencies that were breached, but did not disclose their names. The Department of Energy, which manages U.S. nuclear infrastructure and energy policy, said it has notified Congress of the breach and is participating in law enforcement and CISA investigations.

A Shell spokesman said there was no evidence that the breach related to MOVEit Transfer had impacted Shell's core IT systems. The tool has about 50 users and is urgently investigating which data may have been affected.

Johns Hopkins also said it is investigating a recent cybersecurity attack against a widely used software tool that affects their network.

The University System of Georgia, which consists of about 26 public universities, said they are evaluating the scope and severity of a potential data breach from the MOVEit hack.